package com.gclife.web;

import com.gclife.api.GclifeApiResponse;
import com.gclife.domain.AuthUser;
import com.gclife.service.AuthService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@Api(tags = "auth", description = "鉴权服务")
@RestController
@RequestMapping("/")
public class AuthController {
    @Autowired
    AuthService authService;

    @ApiOperation(value = "查询用户是否拥有指定资源的授权", notes = "")
    @GetMapping(value = "/auth")
    public GclifeApiResponse isGranted(String username, String resource) {
        String code = "401";
        if (authService.isGranted(username, resource)) {
            code = "200";
        }
        return new GclifeApiResponse<>(code, "", null);
    }

    @ApiOperation(value = "根据用户名，fetch 该用户所有授权的资源（包括roles和permissions）", notes = "")
    @GetMapping(value = "/resources")
    public GclifeApiResponse fetchGrantedResourcesByUsername(String username) {
        AuthUser authUser = authService.fetchGrantedResourcesByUsername(username);
        return new GclifeApiResponse<>("200", "查询成功", authUser);
    }
}
